Why This Is a Challenge

Perpetrators of schemes to defraud Medicare and Medicaid range from criminals who masquerade as bona fide health care providers and suppliers but who do not provide legitimate services or products to Fortune 500 companies that pay kickbacks to physicians in return for referrals. Fraud is a crime of deception, and perpetrators design their schemes to avoid detection. The Department faces multiple challenges in preventing and detecting these frauds, including:

effectively using CMS's provider enrollment and payment suspension authorities against those providers and suppliers that have exploited weaknesses to commit fraud rather than provide legitimate patient care,

managing the Department's expanding use of data analysis, and

excluding individuals and entities from federal health care programs to protect the programs and beneficiaries.

Many of CMS's essential program integrity activities are carried out by contractors. (See Challenge 7, Oversight of CMS Program and Benefit Integrity Contractors, for more information.)

Progress in Addressing the Challenge

Enrollment and Payment. The ACA addressed many program vulnerabilities by authorizing rigorous enrollment and screening processes, enrollment moratoria, and payment suspension. In February 2011, CMS published a final rule implementing the ACA provisions concerning screening of providers and suppliers based on fraud risk. CMS's enhanced payment suspension authority took effect in March 2011.

Data analysis. Enhanced data analysis made possible the impressive enforcement results of the nine Medicare Fraud Strike Forces, which are part of the Health Care Fraud Prevention and Enforcement Action Team (HEAT). The strike forces are interagency teams of prosecutors and federal and local law enforcement that focus enforcement resources on geographic areas at high risk for fraud. CMS has made claims data available more quickly and efficiently by providing limited law enforcement access to real-time data and has increased the number of trained law enforcement users on the One Program Integrity tool. In June 2011, CMS implemented the Fraud Prevention System (FPS) to risk-score Medicare Fee-for-Service (FFS) claims prepayment and awarded a contract to IBM in July 2011 to develop and test new predictive models for inclusion in the FPS.

Accountability. CMS's imposition of payment suspensions is one example of the Department's increased focus on accountability. OIG is using its permissive exclusion authority to pursue exclusion of responsible corporate officers of sanctioned providers and suppliers that may otherwise view civil penalties and fines as the cost of doing business.

What Needs To Be Done

CMS's final rule on enrollment screening takes important steps toward preventing unscrupulous providers and suppliers from obtaining Medicare billing privileges. However, there are additional opportunities for CMS to strengthen the enrollment system, including adopting a more flexible screening approach, tailoring screening measures to fraud risks, and classifying reenrolling DME and home health providers as "high risk." Moreover, the Department must ensure that its response to program vulnerabilities captures not only improper payments but also fraud; to that end, the contractors on which it relies must be carefully selected and have the tools, training, resources, and incentive to appropriately address improper payments and make appropriate fraud referrals. (See Challenge 7, Oversight of CMS Program and Benefit Integrity Contractors, for additional information.)

The Department should continue to improve law enforcement's access to data-including real-time claims data-as well as create more robust data sets, which are critical to identifying and investigating fraud. OIG must also ensure that it has the capacity to handle the volume of new fraud referrals that can be expected from CMS's expansion into predictive modeling and that CMS and OIG coordinate closely on such referrals.

The Department should continue to focus on accountability for fraud. In addition, OIG will continue to use its permissive exclusion authority for responsible individuals and entities in appropriate cases and monitor its effect on recidivism.